Threat of the Month: Cryptolocker

Cryptolocker/Cryptowall is ransomware targeting Microsoft Windows devices. This trojan selectively encrypts your data. Once encrypted, your data is held for ransom by the attacker (who holds the key).

How does it work?

The trojan is commonly delivered through spear phishing. Once installed it contacts the attacker's infrastructure (C&C) to register and generate a new set of keys. The public key is then sent back to your device and the trojan starts looking for documents, photos and other data to encrypt. You are then presented with the ransom note threatening to destroy the private key (which is in the attacker's possession) unless you pay.

Should I be worried?

Yes. This is a very profitable crime. If your device is infected and your data gets encrypted with the attacker's key, it is very difficult – if not impossible – to decrypt without the private key.

How can I prevent it?

Backup your data regularly. Watch out for spear phishing. Use dynamic network blocking to prevent infections and to disrupt communications with the attacker's infrastructure.

Techscape is SC Media’s content marketing platform. Industry experts share their views in the following categories

Partner Content is sponsored content brought to you by a vendor

SC Media arms cybersecurity professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.